Time continues to fly but I wanted to give an update that should last for awhile.

I recorded a number of videos to launch hackINT Academy but the beta classes I taught reinforced two thought processes.

1. Although plenty of people have good intentions, those who I have trained up to become instructors just haven’t worked out. Life simply gets in the way and without extremely passionate people it just hasn’t worked.

2. The students I’m targeting (entry level) really needed guided instruction. YouTube based videos and online training just isn’t adequate for most. My opinion on this became more solidified after I had people on my team at work take SANS Online training. I have a lot of respect for SANS and they’ve done some great things; but even my more advanced teammates got little value out of an online class compared to in person.

Therefore, I will not be posting my video classes nor launching hackINT Academy. Instead, I am going to continue hosting training classes in my free weekends. I’ve hosted 3 these last two months already with another one coming up before I move to San Antonio. At San Antonio I plan to get involved with AFCEA and teach additional classes once I settle in (training en route so I should be in San Antonio in August).

The second course of action is that I will be (over time) taking my material and making an intro-to-intermediate level class to put up at http://opensecuritytraining.info/

Open Security Training has existed longer than my hackINT concept but I did not know about them until recently; ultimately they’ve done better with the online training than I could have as a side hobby. I encourage everyone to check them out. I plan to have a full day length course to add on there once I settle in San Antonio instead of trying to repeat the process and launch my own website.

Once in San Antonio I will be relying on this site more to advertise out the classes I’m hosting.

I’ve let updates here slip a bit unfortunately so it’s past time that I post something new. The past few months have been incredibly busy for myself personally (from starting my PhD at King’s College London to starting a small tech company with some friends) as well as with hackINT. With hackINT I’ve been able to talk with an additional couple people about them developing and teaching classes that we can offer out for free. Luckily these are some passionate and talented individuals so I’m looking forward to what they can bring to the team. The problem is always based around organizing and bringing this talent together on the side of our day jobs and lives. I can happily report though that things are steadily moving forward.

The last couple months have also seen a number of new classes taught. I was able to teach another couple classes on base in Wiesbaden, Germany to some really motivated US Military members who wanted to learn more; specifically I was teaching the Introduction to Digital Forensics class. In addition to that I was able to teach the same class at two German based hackerspaces which was an incredible experience getting to train some amazing individuals truly passionate about this material. With training in person though on my weekends (sometimes as much as every other weekend) I have admittedly failed in launching the website according to my own timeline.

I’ve been teaching at Utica College and revamping the syllabus for some of the courses there as well as developing the new Adv Topics in Cyber Operations Class. My students there have showed me that there is more need than ever for free training that is available to people at all points in their career. My students are talented but face a lack of training available to them usually due to a high price or just general lack of options. So I’m continuing my push to take hackINT to a more public level and still planning on launching the website. Instead of announcing set deadlines though I’m just going to promise that I’m putting quite a bit of what time I do have into getting the courses ready. My interaction with the students at Utica College have also encouraged me to change my format from just offering the training styled videos into also adding more full length courses where I give hackINT students videos, readings, and assignments over an 8 week period that they may follow on at their own pace. In this way, the students will be able to have a more formal, guided, and free ability to gain education on hacking and security topics instead of just training (a good discussion on what education vs training is can be had later but the basis is providing science and theory with a little reinforcement vs. primarily hands on experience).

My new few months are looking pretty exciting. I’ll be at TROOPERS presenting on the importance of privacy to security in March, presenting on my book SCADA and Me at the SANS ICS Summit in March, and likely traveling to S4 in Jan. I have a few new articles coming out in journals and magazines and will be sure to post what I can publish out here as well. To all of you I appreciate the patience, I hope you’ve been able to catch me in one of the classes I’ve been offering, and if not I’ll be sure to see some of you around. There will be a few classes hosted in Wiesbaden in Jan and a few at Ramstein in Feb. I’ll see you around and until then keep the passion and keep hacking.

I’ve been polishing up the Hacker Methodology and Introduction to Forensics courses as both were chosen to be made into official DoD classes. This is an awesome opportunity and for those that are in Europe working as members of the IC you should have access to it within a few months. For those that are not (I know that is a small group) it is a step in the right direction to getting more of these classes available widespread.

In addition, I am working on the 8 classes I want to launch the hackINT website with and the website should go live sometime in September if all goes well.

Lastly, everything has been going well with me and I have begun teaching in my spare time at Utica College as part of the faculty for the M.S. Cybersecurity degree there. I’ve also been asked to be the course developer/director for the advanced topic class in the new Cyber Operations tract.

Starting in October I’ll also be teaching at two hackerspaces in Germany to open up the classes to more civilians and making the course available off-base to widen who all can attend.

Also, the hackINT 2013 event and training at Ramstein Air Base as part of Chapter 158′s AFCEA Tech Expo was a huge success. For those interested here is a spot AFN did on it:

Just wanted to give an update that I’m still plugging away developing courses and hands on challenges for the upcoming training event at Ramstein. Today the 30 individuals taking the training from squadrons across the base and neighboring bases have been identified. Emails will go out soon to those individuals and I’ll continue developing out the courses. It is of interest to me that much of what I like developing, teaching, training, etc. is completely freely available. For example, I’m developing one of the Intelligence courses right now and leaning heavily on the Joint Publication documents from the US Govt including JP 2-0 which discusses the Intelligence life cycle and various types of Intel. Intelligence does not seem to be instantly relevant to defense and forensics but it is often the case that good forensic cases and good defensive measures are based off of threat intelligence and other forms of intelligence applied to these domains. I’d encourage everyone who is interested in learning more in their field to keep an open mind and look for opportunities to learn and develop their skills in a variety of ways.

I’m also moving forward with getting the hackINT website and class videos up and going, I’m expecting late July or early August depending on other commitments; it’ll be my focus after the Ramstein training event.

I’m looking forward to the June/July training event and I’ll have a lot more to post after it.

I presented an idea to some of the members of AFCEA Chapter 158 at Ramstein AB, Germany and got a positive response so I want to share what’s going on with hackINT right now. Every year there is a Summer Tech Expo at Ramstein Air Base that shows off the latest in military communications technology to the base and raises money through vendor fees that goes entirely towards free education scholarships for military members and their families in the region. Last year I hosted hackINT Con 2012 there with a capture the flag contest. This year, I wanted to step it up some and get more training out there to people. So what hackINT will be doing in partnership with AFCEA Chapter 158 is hosting a four day training session followed by a competition.

How it’ll work: Numerous Commanders of Communications Squadrons around Ramstein Air Base are going to send 4 students who are interested to 4 days of training. The training will take place June 29/30 and July 13/14. Commanders are going to give the members day passes so that they can still get time off at a later date for giving up their Saturday and Sunday. The training will be a holistic approach of teaching all four core disciplines at hackINT: Forensics, Intelligence, Hacking, and Defense. I’m currently developing a few extra classes so I can teach all four disciplines and will debut them at this training event. Students will take a skills measuring test before and after the training so that some sort of metric can be obtained on how they performed and how they felt their skills developed. At the end of the training, at the Summer Tech Expo, there will be a competition where students will have to use all four disciplines to gain points and win. The teams will be made up of the Squadrons’ members that attended the training.

This is going to be a huge event and so far has a number of Squadrons already participating. So to not take away from the event and to give it my full focus I will be putting all my time in hackINT towards this event. Post this event there will be more classes offered to the public including those debuted at the training event.

I’m excited to announce that this Saturday, April 6th, I will be hosting an event titled Train-the-Trainers. This will be the first of numerous events where I will be teaching classes to representatives at different Armed Forces Communications Electronics Association (AFCEA) chapters around the world so that they can freely teach people in their area. The event has come about from great discussions that occurred at the annual AFCEA West conference in San Diego, California and is due in no small part to the Young AFCEA Council.

The first two classes to be taught to the trainers are the DEF 100 and DEF 202 classes. These classes teach the fundamentals of computers and defense as well as packet analysis and intrusion detection systems. The participating chapters so far include chapters from Germany, Texas, Alabama, Virginia, and Washington DC. More chapters will be trained up in the future with additional classes being given to the instructors to continually train personnel in their area.

I want to thank all those people who end up attending for stepping up to learn a little bit more about the cyberspace domain in an effort to freely educate the community; that is awesome dedication and I greatly appreciate it.

Tomorrow I’ll be teaching the Packet Analysis and Intrusion Detection System class at Ramstein Air Base. This will be the last time for awhile that I’ll be teaching that particular class at Ramstein. I’m finally happy with how the class is structured and have added a lot of good material with feedback and practice from teaching a variety of students. I’ll be offering the class out near Frankfurt a few times (hopefully to some hackerspace groups as well following some contacts made at TROOPERS13). Additionally, I’ll be recording the class at home and have it ready for the hackINT website which will launch this summer/fall.

The class did not have an active call for more students; the students were taken from the backup list of the last class. There is obviously an enormous amount of students even at Ramstein alone who want to take these types of classes. That is a powerful thought. I’m a young teacher and although I am confident in my skills I am constantly a student like everyone else; yet people give up their Saturdays to come train and learn something new because the education is available. We constantly (globally) complain about the lack of security experts yet there are so many eager to learn if only the education was there to meet the demand. It is not an issue of lack of desire it is an issue of availability and affordability. I’m looking forward to the class tomorrow and will continue to work on the classes for the website. Thank you to the students who continually keep me motivated.

The DEF 202 – Packet and Analysis and Intrusion Detection Systems is set to take place on Mainz Kastel (Wiesbaden) Post Saturday 23rd from 0900-1600. The class is full again and I’m looking forward to teaching another great group of students. After the last class there was some great feedback including a recommendation concerning the labs. I greatly appreciate the feedback and am making adjustments to the lab based on the feedback. I plan to teach the same class again March but may have to use the smaller classroom in the ADPE building because the Community Center Annex is already booked that weekend. I will keep everyone up to date on the decision.

The current plan is to take the feedback from the March 16th class and finalize the course. After the course is finalized I will be recording it so that it can be uploaded to the hackINT website that is launching this summer. Classes on the website will start with the Hacking (HCK) classes and the Defense (DEF) classes; there will be 4-5 classes at launch. Following launch and over the summer I will be working on developing the Forensics (FOR) classes. The intention is to offer a class in-person 3-4 times and then record it so that it is available for everyone online. Class in person will continually be taught and new instructors trained to continue that classroom experience.

The Feb 16th Intrusion Detection Systems class filled up within the first day of it being advertised so, through the help of AFCEA Chapter 158, a new location was obtained. hackINT will be hosting the class in the Community Center Annex on Ramstein, Air Base so we can now fit 30 students in the class. However, that class is already filled as well with about 15 people on the “reserve list.” So in March, likely the second weekend, I’ll be returning to Ramstein to teach the class again. Those on the reserve list will get first priority for seats in the class.

Also, at the request of a squadron, I’ll be offering the IDS class in Wiesbaden on Feb 23rd. If you are in the Wiesbaden area please feel free to email me as there are a few seats still available.

I have added a new Wireshark lab to the IDS class and made some updates and additions based off of student feedback; feedback is always important to hackINT and helps immensely with delivering classes students want to take. Following the March class I will be developing 2-3 more classes and will have some exciting announcements in April/May time frame!

The next class offering from hackINT will be the Intrusion Detection Systems class and will take place Feb 16th from 0900-1600 at Ramstein Air Base. If you are interested in attending please email me at RobertMichael.Lee (..at..) Gmail.com

Information about the course:

“hackINT will be offering its Intrusion Detection Systems class Feb 16th on Ramstein Air Base. The class is free to attend and will cover the basics of what Intrusion Detection Systems are, their types, and their importance to network defense. In addition, students will have an opportunity to use a popular open source Intrusion Detection System (Snort) on a Virtual Machine that will be handed out in class to analyze network traffic and build basic custom Intrusion Detection System signatures. Intrusion Detection Systems are important parts of network defense and understanding these systems and how they operate are critical to defense even for a home network. The class will start at 0900 and end no later than 1600 and there will be a certificate available documenting six hours of instructor led class to be used towards Continuing Education Credits for anyone needing them. Additional details will be provided prior to the class via email.”

Also, if you are accessing this site following AFCEA West please feel free to contact me if you would like to have me train 1-2+ people to teach hackINT classes at your AFCEA Chapter. I’ll be doing “train the trainer” sessions in April and May for a number of the classes offered by hackINT.